Restrict access for VPN Client on IOS EZVPN Server

Unanswered Question
Jul 27th, 2009
User Badges:

I like to restrict a VPN Client to access only one /24 network at the central site. In

crypto isakmp client configuration group mode i cannot find such an option.

On ASA there is such option.

Is there another way to do this ?

Either on legacy EZVPN config or on DVTI.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
htarra Mon, 08/03/2009 - 13:07
User Badges:
  • Bronze, 100 points or more

This URL provides a sample configuration using the Cisco Adaptive Security Device Manager (ASDM) for restricting what internal networks remote access VPN users can access behind the PIX Security Appliance or Adaptive Security Appliance (ASA). You can limit remote access VPN users to only the areas of the network that you want them to access when you:

Create access lists.

Associate them with group policies.

Associate those group policies with tunnel groups


This Discussion